From 1a7e573aee513e7fc8df567644fa7a3259e5182d Mon Sep 17 00:00:00 2001
From: Sylvain Beucler <beuc@beuc.net>
Date: Thu, 21 Dec 2023 18:29:37 +0100
Subject: CVE-2023-37543/cacti: buster ignored

---
 data/CVE/list | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/data/CVE/list b/data/CVE/list
index 93ea99831c..d0c2522615 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -21747,8 +21747,8 @@ CVE-2023-37625 (A stored cross-site scripting (XSS) vulnerability in Netbox v3.4
 	- netbox <itp> (bug #1017079)
 CVE-2023-37543 (Cacti before 1.2.6 allows IDOR (Insecure Direct Object Reference) for  ...)
 	- cacti 1.2.6+ds1-1
-	[buster] - cacti <no-dsa> (Minor issue)
-	NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-4x82-8w8m-w8hj
+	[buster] - cacti <ignored> (Unclear issue; can only be reproduced by reverting CVE-2019-16723 fixes; probably a different vector of the same vulnerability)
+	NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-4x82-8w8m-w8hj (404)
 	NOTE: https://medium.com/%40hussainfathy99/exciting-news-my-first-cve-discovery-cve-2023-37543-idor-vulnerability-in-cacti-bbb6c386afed
 	NOTE: https://github.com/Cacti/cacti/issues/5523
 	NOTE: Not possible to pinpoint exact fix, but upstream confirms that the fix is in
-- 
cgit v1.2.3